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3) D Since this application is in condition for allowance except for formal matters, prosecution as to the merits is 
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DETAILED ACTION 

Response to Arguments 

In response to applicant's arguments against the references individually, one cannot show 

nonobviousness by attacking references individually where the rejections are based on 
combinations of references. See In re Keller, 642 F.2d 413, 208 USPQ 871 (CCPA 1981); In re 
Merck & Co., 800 F.2d 1091, 231 USPQ 375 (Fed. Cir. 1986). 

Applicant's arguments filed 5/21/2008 have been fiiUy considered but they are not 
persuasive. 

Applicant argues that Stewart US 6,571,221 does not teach a datacenter, does not provide 
decryption, and does not teach a first and second interface within a data center. 
Examiner argues that Stewart is not relied on to teach a datacenter, or decrj^tion, 
therefore the applicant's argimients are not persuasive. Stewart is relied on to teach a 
wired and wireless interface. Stewart also teaches a first and second interface (incoming, 
outgoing) independent of whether the wired/wireless access point is in a data center or 
whether it performs decryption. Stewart teaches logic to determine whether or not the 
incoming data is a wired protocol or wireless protocol. 

Applicant argues that Kramer US 2002/0099957 does not teach that the SSL, and WTLS 
are used by the external client, and not VPN access server 314. Applicant argues that it 
should not be assumed that because the extemal client uses WTLS that the BPN access 
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server would receive WLTS. Applicant argues that WTLS conversion is typically 
performed before reaching the VPN access server. 

The examiner argues that the combination of Stewart and Kramer teach the limitations as 
claimed by the applicant. Kramer is relied on for encryption, decryption SSL, and 
WTLS. Stewart is relied on to teach wired and wireless access. The applicant argues that 
typically the connection does not use a WTLS protocol, but the references do not teach a 
conversion prior to the VPN access server, and instead states ""the security for the 
connection may be provided by using SSL protocol or WTLS security". Since a 
connection requires two parties, the examiner interprets this as the external device and the 
access server both using the same protocol. The combination with Stewart would allow 
the access server to accept wired or wireless transmissions and decrypt them. 

Applicant argues that Halme US 7,099,284 does not teach conversion of WTLS. As 
stated in the previous arguments, Kramer is relied upon to teach decryption and WTLS, 
thus the applicant's argument is moot. Hahne is relied upon to teach decryption and 
forwarding data across a network decrypted. Halme is relied upon to teach that the 
decrypted data is forwarded over a data center (private Ian). Halme teaches encryption 
from a first private network (A) over a public network (10) to another private network 
(B) where the decryption is performed by an apparatus part of said private network (Bl ,) 
as shown in figure 3 and the previous rejection. Halme teaches the data is passed to a 
host in private datacenter/network B. 
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As stated in the previous rejection, the term data center is being interpreted by the 
examiner with the broadest reasonable interpretation. 



Claim Rejections - 35 USC § 103 

The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 

obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set forth in 
section 102 of this title, if the differences between the subject matter sought to be patented and the prior art are 
such that the subject matter as a whole would have been obvious at the time the invention was made to a person 
having ordinary skill in the art to which said subject matter pertains. Patentability shall not be negatived by the 
manner in which the invention was made. 



Claims 33-36, 38, 40, 42, 43, 45, 48, 50, 51, 52, and 54-59 are rejected under 35 U.S.C. 
103(a) as being unpatentable over Stewart US 6,571,221 in view of Kramer US 
2002/0099957in view of Halme 7,099,284. 



As per claims 33, 42, 50, 56, and 59 Stewart teaches an interface to receive data from at 
least one wired client device and one wireless client device, (Col 8 lines 47-55). Stewart 
teaches logic to determine if the device is wired or wireless, (Col 7 lines 43-62, Col 8 
lines 20-30). Stewart teaches requesting a secure connection from a wired or wireless 
device,(Col 13 lines 33-43). Stewart teaches that the client is authenticated in 
establishing a connection with the wired or wireless device, (Col 14 lines 29-44). 
Stewart does not teach SSL, WTLS or converting encrypted data to an unencrypted 
format. 
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Kramer teaches a security format conversion system including from SSL WTLS, [0024], 
[0050]. Kramer teaches converting the encrypted data to a different format 
(encryption/decryption) [0050]. Kramer teaches a network interface and a server to 
receive converted data, [0049]. It is well known in the art that the port used and key 
exchanged in SSL, and WTLS indicate the recipient decrypt the encrypted data. 
It would have been obvious to one of ordinary skill in the art to use the protocols of 
Kramer with the system of Stewart because SSL and WTLS are widely accepted and 
compatible protocols. 

Halme teaches using a VPN protocol where encrypted data is sent from one private 
network over a public network to a second private where it is decrypted at a node and 
forwarded over a private network Ian (data center) (Col 1 lines 20-35, Col 3 lines 35-55, 
Fig 3). It is well known in the art that SSL is used with VPN protocol. It is well known 
that Lans may contain multiple clients and servers. 

It would have been obvious to one of ordinary skill in the art to use the VPN of Halme 
with the previous combination because it allows end to end security. 

As per claim 34, Stewart teaches that the device has an interface to transmit data and to 
receive data from a server, (Col 14 lines 16-22). 

As per claims 38, 45, and 52, Stewart teaches requesting a digital certificate of the client 
and authenticating that certificate, (Col 14 lines 19-22, 29-33). 



Application/Control Number: 10/045,893 
Art Unit: 2134 



Page 6 



As per claims 35, 36, 40, 43, 48, 51, 54, and 55 Stewart does not teach protocols or 
determining the client type dependent on protocol. 

BCramer teaches a security format conversion system including from SSL or WTLS, 
[0050]. 



As per claims 57, and 58 Kramer teaches that all decryption takes place in a VPN server 
or firewall, which is located between a public network and a data center server, [0049], 
Fig 3. 



Claims 37, 41, 44, 46, and 49 are rejected under 35 U.S.C. 103(a) as being unpatentable 
over Stewart US 6,571,221 in view of Kramer US 2002/0099957 in view of Halme 
7,099,284 in view of Douglas US 2004/0010684. 



As per claims 37 and 44, Stewart fails to teach sending a certificate from the server to the 
client. 

Douglas teaches a handshaking technique where the client and server exchange 
certifications and digital signatures to authenticate each other, [0031], [0032]. 
It would have been obvious to one of ordinary skill in the art to use the handshaking 
technique of Douglas with the system of Stewart-Kramer- Halme because it allows the 
client to authenticate the server thus ensuring that the client is not communicating with an 
unauthorized party. 
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As per claims 41, and 49, Stewart-Kramer-Halme fails to teach receiving a digital 
signature from the client device and validating said signature. 
Douglas teaches a handshaking technique where the client and server exchange 
certifications and digital signatures to authenticate each other, [0029], [0030] [0031]. 
It would have been obvious to one of ordinary skill in the art to use the digital signatures 
of Douglas with the system of Stewart in order to confirm that data had not been 
manipulated in fransit. 

As per claim 46, Stewart -Kramer-Halme fails to teach verifying the validity period of 
the certificate. 

Douglas teaches including a timestamp in the signed message, and validating said 
message, [0028], [0029]. It would have been obvious to one of ordinary skill in the art to 
use the timestamp of Douglas with the certificate of Stewart because it would prevent 
replay attacks [Douglas 0028]. 

Claims 39, and 47 are rejected under 35 U.S.C. 103(a) as being unpatentable over 
Stewart US 6,571,221 in view of Kramer US 2002/0099957 in view of Halme 7,099,284 in 
view of Hajmiragha US 6,289,460 

As per claims 39, and 47, Stewart-Kramer- Halme does not teach using a URL with a 
digital certificate. 



Application/Control Number: 1 0/045 ,893 Page 8 

Art Unit: 2134 

Hajmiragha teaches sending a link, rather than the actual digital certificate, (Col 4 lines 
40-43). 

It would have been obvious to one of ordinary skill in the art to use the system of Stewart 
with the link of Hajmiragha, because the link prevents interception and modification of a 
digital certificate between parties. 



Claims 53 is rejected under 35 U.S.C. 103(a) as being unpatentable over Stewart US 
6,571,221 in view of Kramer US 2002/0099957 in view of Halme 7,099,284 in view of 
Stubblebine US 6,216,231 

As per claim 53, Stewart-Kramer- Halme does not teach updating a short lived server 
certificate based on a user defined interval. 

Stubblebine teaches updating a short lived server certificate based on a user defined interval, 
(Col 15 lines 25-36). 

It would have been obvious to one of ordinary skill in the art to use the updating certificates 
of Stubblebine with the Stewart-Kramer-Halme combination because short lived certificates 
increase security. 



Claim 60 is rejected under 35 U.S.C. 103(a) as being unpatentable over Stewart US 
6,571,221 in view of Kramer US 2002/0099957 in view of Halme 7,099,284 in view of 
Bacha US 6,931,526 



Application/Control Number: 1 0/045 ,893 Page 9 

Art Unit: 2134 

As per claim 60, the previous combination of Stewart, Kramer and Halme teaches SSL 
protocol, but not certificate revocation lists. 

Bacha teaches authentication of certificates through SSL (a well known certificate exchange 
method) and if the session is new, comparing the SSL certificate to certificate revocation lists 
(col 10 lines 48-64) 

It would have been obvious to one of ordinary skill in the art to use the CRL of Bacha with 
the SSL method as taught by the previous combination because it enhances security by 
checking the certificate against well known invalid certificates. 



Conclusion 

Applicant's amendment necessitated the new ground(s) of rejection presented in this 
Office action. Accordingly, THIS ACTION IS MADE FINAL. See MPEP § 706.07(a). 
Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a). 

A shortened statutory period for reply to this final action is set to expire THREE 
MONTHS fi-om the mailing date of this action. In the event a first reply is filed within TWO 
MONTHS of the mailing date of this final action and the advisory action is not mailed until after 
the end of the THREE-MONTH shortened statutory period, then the shortened statutory period 
will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 
CFR 1 .136(a) will be calculated from the mailing date of the advisory action. In no event, 
however, will the statutory period for reply expire later than SIX MONTHS from the date of this 
final action. 
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Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to CHRISTOPHER J. BROWN whose telephone number is 
(571)272-3833. The examiner can normally be reached on 8:30-6:00. 

If attempts to reach the examiner by telephone are unsuccessfiil, the examiner's 
supervisor, Kambiz Zand can be reached on (571)272-381 1. The fax phone number for the 
organization where this application or proceeding is assigned is 571-273-8300. 

Information regarding the status of an application may be obtained from the Patent 
Application Information Retrieval (PAIR) system. Status information for published applications 
may be obtained from either Private PAIR or Public PAIR. Status information for unpublished 
applications is available through Private PAIR only. For more information about the PAIR 
system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR 
system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would 
like assistance from a USPTO Customer Service Representative or access to the automated 
information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. 



/Christopher J Brown/ 
Examiner, Art Unit 2134 
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